Dave,
JG> Four questions:
JG> * Since CSV and Sender ID are still on the table is it
JG> appropriate for this review to be carried out for both
JG> proposals, even though it is my understanding the
schedule JG> is to review Sender-ID first and then CSV
second?
"any interesting specification should get reviews.
however, yes, the chairs asked for discussion of csv to be
deferred for awhile.
in any event, separate specifications warrant separate
reviews.
and i've already started to recruit reviews for csv."
I simply thought it might be best to do both at the same
time.
This would allow for a comparative analysis to aid in the
decision process.
However, I understand your position. To me, as long as
there is an independent review, this is what is important.
JG> * In conducting their review, given the guidance of Mr.
JG> Hardie on the licensing issue, is it appropriate to ask
JG> that this issue be considered as part of the review,
"licenscing is legal. the reviews are technical. how could
licenscing "be considered as part of the review"?"
Only to the limited extent as suggested by Ted Hardie that:
"The IETF is an engineering body, and it makes engineering
decisions. It cares about licensing only as it affects the
ability to implement and deploy a standard."
So one of the questions put to the reviewers could be "will
the royalty free license in the form as tabled by Microsoft
with the FAQ have any negative affect on the ability to
implement and deploy Sender-ID from an engineering
perspective and if so, what is the nature and significance
of that affect?"
Engineers as contract managers have to make decisions based
on specifications and contracts all the time.
I suggest the package put to the reviewers include the MS
license along with the FAQ, being what "implementors,
contractors, software firms and others" will have in hand.
If the answer comes back no, this puts the issue to rest
from an engineering perspective.
If the answer comes back yes, then the issue becomes a
factor given section 8 of RFC 3688 as to what protocol the
WG recommends, based on the signficance of the yes.
The reviewers may come back and say for example, we can't
answer the question based on the license and FAQ without
consulting with lawyers. This is a factor in and of itself,
as that becomes a cost and a friction in dealing with
implementation.
* Is this an acceptable factor? For medium and large
corporations it is part of doing business.
For the independent developer/implementor it may be an
undue burden.
* Is there a need for independent developers/implementors
to expidite the process?
It depends on one's perspective, but at least the issue has
then been framed and people can make an informed decision.
MS can deal with the issue as it considers proper,
presuming there is time.
This in turn requires a fair selection process of the
reviewers.
Which is why I suggested the WG Chairs with the guidance of
the WG Technical Advisors select the reviewers for both
proposals.
Of course, it is quite appropriate for the proponents to
recruit reviewers and submit a panel for consideration.
Doing it this way maintains the atmosphere of collegiality,
while ensuring the appearance of fairness, if that makes
any sense.
Just some suggestions for people to mull over.
John
John Glube
Toronto, Canada
The FTC Calls For One Standard For Sender Authentication
http://www.learnsteps4profit.com/dne.html
---
Outgoing mail is certified Virus Free.
Checked by AVG anti-virus system (http://www.grisoft.com).
Version: 6.0.718 / Virus Database: 474 - Release Date: 09/07/2004